Twitter now supports two-factor authentication without SMS

Two-factor authentication is one of the most important security measures you can take to lock down your online accounts. This is typically handled by SMS, in which a code is sent to your phone and used to log in. By requiring an extra step during the log-in process in which you would need physical access to something like your phone, it’s a great way to ensure that it’s actually you logging into your account — and not some hacker in Russia.

The problem with 2FA via SMS is that it uses static codes. These codes could potentially be viewed by a hacker or someone who may have gained access to a device and can read messages sent to it. To give their users another way to secure their accounts, Twitter announced that they’re now supporting 3rd party apps for two-factor authentication, instead of relying solely on SMS.

Apps like Google Authenticator, Duo Mobile, Authy, or other similar apps can all be used, and typically work by generating quick, one-time use codes that disappear after 30 seconds. You’ll still need your phone to setup 2FA but you can delete it after using a 3rd party app. If you’re looking to set up this new method of two-factor authentication, Twitter has posted full step-by-step directions on their help page here.